File Coverage

blib/lib/Text/Password/AutoMigration.pm

Criterion	Covered	Total	%
statement	12	12	100.0
branch			n/a
condition			n/a
subroutine	4	4	100.0
pod			n/a
total	16	16	100.0

line	stmt	sub	time	code
1				package Text::Password::AutoMigration;
2				our $VERSION = "0.17";
3
4	2	2	69603	use Carp;
	2		12
	2		190
5	2	2	1086	use Moo;
	2		15083
	2		15
6	2	2	3938	use strictures 2;
	2		3736
	2		108
7
8				extends 'Text::Password::SHA';
9
10				=encoding utf-8
11
12				=head1 NAME
13
14				Text::Password::AutoMigration - generate and verify Password with any contexts
15
16				=head1 SYNOPSIS
17
18				my $pwd = Text::Password::AutoMigration->new();
19				my( $raw, $hash ) = $pwd->genarate(); # list context is required
20				my $input = $req->body_parameters->{passwd};
21				my $data = $pwd->encrypt($input); # you don't have to care about salt
22				my $flag = $pwd->verify( $input, $data );
23
24				=head1 DESCRIPTION
25
26				Text::Password::AutoMigration is a module for some lasy Administrators.
27
28				It would help you to migrate old hash what has vulnerability
29				such as encrypted by perl, MD5, SHA-1 or even if it was with SHA-256 to SHA-512.
30
31				The method I<verify()> automatically detects the algorithm which is applied to the hash
32				with B<CORE::crypt>, B<MD5>, B<SHA-1 by hex>, B<SHA-256> and of course B<SHA-512>.
33
34				And every I<verify()> B<returns a brand new hash> generated by using B<with SHA-512>.
35
36				Therefore all you have to do is to replace the old hash with the new one on your Databases.
37
38				=head2 Constructor and initialization
39
40				=head3 new()
41
42				No arguments are required. But you can set some parameters.
43
44				=over
45
46				=item default( I<Int> )
47
48				You can set default length with using 'default' argument like below:
49
50				$pwd = Text::Pasword::AutoMiglation->new( default => 8 );
51
52				It must be an Int, defaults to 10.
53
54				=item readablity( I<Bool> )
55
56				You can set default strength for password with usnig 'readablity' argument like below:
57
58				$pwd = Text::Pasword::AutoMiglation->new( readability => 0 );
59
60				It must be a Boolean, defaults to 1.
61
62				If it was false, I<generate()> starts to return stronger passwords with charactors hard to read.
63
64				=item migrate( I<Bool> )
65
66				It must be a Boolean, defaults to 1.
67
68				If you've already replaced all hash or started to make new applications with this module,
69
70				you can call the constructor with I<migrate =E<lt> 0>.
71
72				Then I<verify()> would not return a new hash but always 1.
73
74				It may help you a little faster without any change of your code.
75
76				=cut
77
78	2	2	1695	use Types::Standard qw(Bool);
	2		222884
	2		25
79				has migrate => ( is => 'rw', isa => Bool, default => 1 );
80
81				=back
82
83				=head2 Methods and Subroutines
84
85				=head3 verify( $raw, $hash )
86
87				To tell the truth, this is the most useful method of this module.
88
89				it Returns a true strings instead of boolean if the verification succeeds.
90
91				Every value is B<brand new hash from SHA-512> because it is true anyway.
92
93				So you can replace hash in your Database easily like below:
94
95				my $pwd = Text::Password::AutoMigration->new();
96				my $dbh = DBI->connect(...);
97				my $db_hash_ref = $dbh->fetchrow_hashref(...);
98
99				my $param = $req->body_parameters;
100				my $hash = $pwd->verify( $param->{passwd}, $db_hash_ref->{passwd} );
101				if ($hash) { # you don't have to execute this every time
102				my $sth = $dbh->prepare('UPDATE DB SET passwd=? WHERE uid =?') or die $dbh->errstr;
103				$sth->excute( $hash, $param->{uid} ) or die $sth->errstr;
104				}
105
106				New hash length is at least 100 if length of nonce . So you have to change your DB like below:
107
108				ALTER TABLE User CHANGE passwd passwd VARCHAR(100);
109
110				=cut
111
112				around verify => sub {
113				my ( $orig, $self ) = ( shift, shift );
114				return 0 unless $self->$orig(@_);
115				return $self->migrate() ? $self->encrypt(@_) : 1;
116
117				};
118
119				=head3 nonce( I<Int> )
120
121				generates the random strings with enough strength.
122
123				the length defaults to 10 or $self->default().
124
125				=head3 encrypt( I<Str> )
126
127				returns hash with unix_sha512_crypt().
128
129				salt will be made automatically.
130
131				=head3 generate( I<Int> )
132
133				genarates pair of new password and it's hash.
134
135				less readable characters(0Oo1Il\|!2Zz5sS$6b9qCcKkUuVvWwXx.,:;~-^'"`) are forbidden
136				unless $self->readability is 0.
137
138				the length defaults to 10 \|\| $self->default().
139
140				B<DON'T TRUST> this method.
141
142				According to L<Password expert says he was wrong\|https://www.usatoday.com/story/news/nation-now/2017/08/09/password-expert-says-he-wrong-numbers-capital-letters-and-symbols-useless/552013001/>,
143				it's not a safe way. So, I will rewrite this method as soon as I find the better way.
144
145				=cut
146
147				1;
148
149				__END__
150
151				=head1 SEE ALSO
152
153				=over
154
155				=item L<GitHub\|https://github.com/worthmine/Text-Password-AutoMigration>
156
157				=item L<CPAN\|http://search.cpan.org/perldoc?Text%3A%3APassword%3A%3AAutoMigration>
158
159				=item L<https://shattered.io/>
160
161				=back
162
163				=head1 LICENSE
164
165				Copyright (C) Yuki Yoshida(worthmine).
166
167				This library is free software; you can redistribute it and/or modify
168				it under the same terms as Perl itself.
169
170				=head1 AUTHOR
171
172				Yuki Yoshida E<lt>worthmine@users.noreply.github.comE<gt>